Mark Heyink

About Mark Heyink

Mark Heyink is an Information Attorney and an Information Security Consultant. He is also a director of Information Governance (Pty) Limited. His practice and consultancy are devoted to the specialised study and advice on good practice relating to electronic information, information security, privacy and existing and emerging laws which govern information. Read more ...

SARB Cybersecurity and Cyber-Resilience Directive

The South African Reserve Bank (SARB) has issued a Cybersecurity and Cyber-Resilience Directive focused on strengthening cybersecurity and cyber-resilience within the National Payment System. Since the financial sector plays a vital role in our economy, SARB expects all payment institutions [...]

By |2025-05-29T21:12:47+02:00May 29th, 2025|Categories: Cybersecurity Law|Tags: |
Read More

Truth or lies? Deep fakes and other risks

On January 29, 2024, the Information Regulator organised a webinar to discuss the risks of false information in elections. They focused on “disinformation,” which is intentionally misleading false information, and “misinformation,” which is innocently sharing false information believing it [...]

By |2024-02-05T07:47:37+02:00February 2nd, 2024|Categories: Access to Information, Information Law, POPI and Data Protection|Tags: , , |
Read More

CJEU AI Strategy sets out courts artificial intelligence strategy

The Court of Justice of the European Union (CJEU) recently released its Artificial Intelligence Strategy (CJEU AI Strategy). The CJEU recently shared its plan for dealing with artificial intelligence. This document not only helps us understand how the court views [...]

By |2024-02-28T21:51:13+02:00January 31st, 2024|Categories: AI Governance|Tags: , , |
Read More

Your duty of care regards information security

Every organisation has a duty of care to establish and maintain appropriate information security. The judgment in Hawarden vs ENS illustrates that no modern business can operate properly and lawfully without establishing and maintaining appropriate information security. The facts of [...]

By |2025-09-03T14:59:50+02:00January 24th, 2023|Categories: Cybersecurity Law, POPI and Data Protection|Tags: , , , , |
Read More

Apple and Microsoft affirm the importance of privacy

At the recent IAPP Global Privacy Summit in Washington DC Tim Cook the CEO of Apple acknowledged that protecting privacy is not easy. He added ‘it is one of the most essential battles of our time’. Cook’s comments echo [...]

By |2022-11-15T22:12:55+02:00May 10th, 2022|Categories: POPI and Data Protection|Tags: , |
Read More

Data breach notification: What we can learn from the Information Regulators response

Data breach notification is both good business and required by law. What can we learn from the Regulator’s media statement on the Experian breach? Not if but when Commentators on cybersecurity warn “…it is not a question of if a [...]

By |2022-11-08T07:26:28+02:00August 27th, 2020|Categories: POPI and Data Protection|Tags: , , |
Read More